/*
 * Copyright (c) 2013 Andaily Information Technology Co. Ltd
 * www.andaily.com
 * All rights reserved.
 *
 * This software is the confidential and proprietary information of
 * Andaily Information Technology Co. Ltd ("Confidential Information").
 * You shall not disclose such Confidential Information and shall use
 * it only in accordance with the terms of the license agreement you
 * entered into with Andaily Information Technology Co. Ltd.
 */
package com.shiwaixiangcun.authz.oauth.validator;

import com.shiwaixiangcun.authz.oauth.OAuthTokenxRequest;
import com.shiwaixiangcun.authz.shiro.authc.OAuth2UsernamePasswordToken;
import com.shiwaixiangcun.core.web.response.MonkeyResponseDto;
import com.shiwaixiangcun.core.web.response.ResponseCode;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.apache.shiro.SecurityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.util.Set;

/**
 * 2015/7/4
 *
 * @author Shengzhao Li
 */
public abstract class AbstractOauthTokenValidator extends AbstractClientDetailsValidator {

    private static final Logger LOG = LoggerFactory.getLogger(AbstractOauthTokenValidator.class);


    protected OAuthTokenxRequest tokenRequest;

    protected AbstractOauthTokenValidator(OAuthTokenxRequest tokenRequest) {
        super(tokenRequest);
        this.tokenRequest = tokenRequest;
    }


    protected String grantType() {
        return tokenRequest.getGrantType();
    }


    protected MonkeyResponseDto invalidGrantTypeResponse(String grantType) throws OAuthSystemException {
//        return OAuthResponse.errorResponse(HttpServletResponse.SC_UNAUTHORIZED)
//                .setError(OAuthError.TokenResponse.INVALID_GRANT)
//                .setErrorDescription("Invalid grant_type '" + grantType + "'")
//                .buildJSONMessage();
        return new MonkeyResponseDto().fail(ResponseCode.OAUTH2_GRANT_TYPE_ERROR, "Invalid grant_type '" + grantType + "'");
    }


    //true is invalided
    protected boolean invalidUsernamePassword() {
        final String username = tokenRequest.getUsername();
        final String password = tokenRequest.getPassword();
        final Set<String> scopes = oauthRequest.getScopes();
        try {
            SecurityUtils.getSubject().login(new OAuth2UsernamePasswordToken(username, password, scopes));
        } catch (Exception e) {
            e.printStackTrace();
            LOG.debug("Login failed by username: " + username, e);
            return true;
        }
        return false;
    }

    protected MonkeyResponseDto invalidUsernamePasswordResponse() throws OAuthSystemException {
//        return OAuthResponse.errorResponse(HttpServletResponse.SC_BAD_REQUEST)
//                .setError(OAuthError.TokenResponse.INVALID_GRANT)
//                .setErrorDescription("Bad credentials")
//                .buildJSONMessage();
        return new MonkeyResponseDto().fail(ResponseCode.OAUTH2_USERNAME_ERROR, "Bad credentials");
    }

}
